<?php

if (!defined('BASEPATH'))
    exit('No direct script access allowed');

class User extends CI_Model {

    private $CI;
    
    function __construct() {
        parent::__construct();
    }
    
    function get($user_id,$only_active=FALSE) {
    	$this
	    		->db
	    		->where('user.id',$user_id);

	    if ($only_active)
	    	$this
	    		->db
	    		->where('active',1);
	    		
	    $result = $this
	    		->db		
	    		->get('user');

		if ($result->num_rows() == 1)
	    	return $result->row();
	    else
	    	throw new Exception("User $user_id not found");
    }
    
    function get_all() {
    	return $this
    		->db
    		->order_by('email')
    		->get('user')
    		->result();
    }
    
    private $current = NULL;
    
    function get_current() {
    	if ($this->current != NULL) return $this->current;

    	$uid = $this->session->userdata('user_id');

    	if ($uid==0) return NULL;

    	return $this->get($uid,TRUE);    	
    }
    
    function is_valid() {
		try {
    		return isset($this->get_current()->id);
		} catch (Exception $e) {
			return FALSE;
		}
    }
    
    
    function is_editor() {
    	return $this->is_valid() && ( $this->get_current()->access == 'editor' || $this->get_current()->access == 'admin') ;
    }
    
    function is_admin() {
    	return $this->is_valid() && $this->get_current()->access == 'admin';
    }

    function validate($email,$pass) {
    	$result = $this
    		->db
    		->where('email',$email)
    		->where('passhash',md5($pass))
    		->where('active',1)
    		->get('user');
    	if ($result->num_rows() == 0)
    		return FALSE;
    	else
    		return $result->row()->id;
    }
    
    function insert($email,$password,$access,$active) {
    	$this->db->insert('user',array(
    		'email'=>$email,
    		'passhash'=>md5($password),
    		'access'=>$access,
    		'active'=>$active
    	));

    	if ($this->db->_error_number()!=0)
			throw new Exception("User $user_id not inserted: ".$this->db->_error_number().': '.$this->db->_error_message());
    		
		if ($this->db->affected_rows() == 0)
			throw new Exception('User not inserted');
    }

    function update($user_id,$email,$access,$active) {
    	$this->db->where('id',$user_id)->update('user',array(
    		'email'=>$email,
    		'access'=>$access,
    		'active'=>$active
    	));

    	if ($this->db->_error_number()!=0)
			throw new Exception("User $user_id not updated: ".$this->db->_error_number().': '.$this->db->_error_message());
    		
		if ($this->db->affected_rows() == 0)
			throw new Exception("User $user_id not found");
	    }

    function delete($user_id) {
    	$this->db->where('id',$user_id)->delete('user');

		if ($this->db->affected_rows() == 0)
			throw new Exception("User $user_id not found");
    }
    
    function set_password($user_id,$new,$old) {
    	$this->db->where('id',$user_id)->where('passhash',md5($old))->update('user',array('passhash'=>md5($new)));
    	return $this->db->affected_rows() > 0;
    }
    
}?>